Protect Your SSH From Bruteforce With Fail2Ban

Install Fail2Ban On Linux

Today I will be showing you how to enable Fail2Ban. One of the features of Fail2Ban is that it will automatically block anyone that fails to login to your ssh 5 times for 10 minutes by default although you can change this.

This will pretty much put an end to people being able to bruteforce your root password through ssh. You really should setup keys for ssh authentication which is something that I will be doing/explaining in another guide.

Installing Fail2Ban On Your Server

Lets get started by installing Fail2Ban. You can actually install it with just one command and the default settings should do the trick.

Ubuntu / Debian

Fedora / Cent OS / Red Hat

Checking For Failed SSH Attempts

If you want to see how many failed ssh attempts there have been then you can run the following command.

You should see a response something like this (the list is extremely long for this droplet so I will shorten it).

I hope you enjoyed this quick guide, if you have any comments then feel free to post them below! =)

Leave a Reply

Your email address will not be published. Required fields are marked *